From 92d574eef62e2cd9c5006255bc40974a7a9ea90e Mon Sep 17 00:00:00 2001 From: Lukas Jarosch Date: Sat, 30 Sep 2023 11:47:39 +0200 Subject: [PATCH 1/2] chore: fix up some examples --- Makefile | 16 +++- examples/keyvault/compiled/develop/README.md | 4 +- .../compiled/develop/{scripts => }/apply.sh | 8 +- .../develop/{scripts => }/create_key.sh | 0 examples/keyvault/compiled/develop/destroy.sh | 13 ++++ examples/keyvault/compiled/develop/envrc | 1 + .../compiled/develop/scripts/destroy.sh | 13 ---- examples/keyvault/go.mod | 1 + examples/keyvault/go.sum | 2 + .../keyvault/inventory/classes/keyvault.yaml | 2 +- examples/keyvault/main.go | 74 +++++++++++-------- examples/keyvault/templates/README.md | 3 +- examples/keyvault/templates/apply.sh | 4 +- examples/keyvault/templates/destroy.sh | 6 +- examples/keyvault/templates/envrc | 2 +- .../dev/terraform/01_resource_group.tf | 2 +- .../compiled/dev/terraform/02_network.tf | 2 +- .../compiled/dev/terraform/03_aks.tf | 2 +- examples/terraform/main.go | 4 +- .../compiled/develop/markdown/README.md | 7 +- .../secrets/targets/develop/some_secret | 2 +- .../inventory/targets/develop.yaml | 5 +- examples/terraform_azure/main.go | 42 ++++++++--- 23 files changed, 131 insertions(+), 84 deletions(-) rename examples/keyvault/compiled/develop/{scripts => }/apply.sh (68%) rename examples/keyvault/compiled/develop/{scripts => }/create_key.sh (100%) create mode 100755 examples/keyvault/compiled/develop/destroy.sh create mode 100644 examples/keyvault/compiled/develop/envrc delete mode 100755 examples/keyvault/compiled/develop/scripts/destroy.sh diff --git a/Makefile b/Makefile index cf507dd..9ecff79 100644 --- a/Makefile +++ b/Makefile 
@@ -46,13 +46,27 @@ serve-docs: ## Examples -example-terraform-dev: +example-terraform: go run examples/terraform/main.go \ -data examples/terraform/inventory \ -templates examples/terraform/templates \ -output examples/terraform/compiled \ -target dev +example-terraform-azure: + go run examples/terraform_azure/main.go \ + -data examples/terraform_azure/inventory \ + -templates examples/terraform_azure/templates \ + -output examples/terraform_azure/compiled \ + -target develop + +example-keyvault: + go run examples/keyvault/main.go \ + -data examples/keyvault/inventory \ + -templates examples/keyvault/templates \ + -output examples/keyvault/compiled \ + -target develop + example-external-classes: cd examples/external_classes && go run main.go diff --git a/examples/keyvault/compiled/develop/README.md b/examples/keyvault/compiled/develop/README.md index 3b8408d..4b9a16b 100644 --- a/examples/keyvault/compiled/develop/README.md +++ b/examples/keyvault/compiled/develop/README.md @@ -3,7 +3,7 @@ It will create an `apply.sh` and a `destroy.sh` script which create/destroy a resource group and a key vault. -- **Subscription:** `59efa773-ee54-47d6-a95a-eac3fca3bc24` -- **Resource Group:** `skipper-example` +- **Subscription:** `d62fd2d4-358f-4ddc-9373-7ac8a307f75b` +- **Resource Group:** `skipper-keyvault-example` - **KeyVault:** `skipperkeyvaultexample` - **Location:** `westeurope` diff --git a/examples/keyvault/compiled/develop/scripts/apply.sh b/examples/keyvault/compiled/develop/apply.sh similarity index 68% rename from examples/keyvault/compiled/develop/scripts/apply.sh rename to examples/keyvault/compiled/develop/apply.sh index 4ce0243..3f70c7d 100755 --- a/examples/keyvault/compiled/develop/scripts/apply.sh +++ b/examples/keyvault/compiled/develop/apply.sh 
@@ -1,12 +1,12 @@ az group create \ --location westeurope \ - --name skipper-example \ - --subscription 59efa773-ee54-47d6-a95a-eac3fca3bc24 + --name skipper-keyvault-example \ + --subscription d62fd2d4-358f-4ddc-9373-7ac8a307f75b az keyvault create \ --location westeurope \ - --subscription 59efa773-ee54-47d6-a95a-eac3fca3bc24 \ - --resource-group skipper-example \ + --subscription d62fd2d4-358f-4ddc-9373-7ac8a307f75b \ + --resource-group skipper-keyvault-example \ --name skipperkeyvaultexample az keyvault set-policy \ diff --git a/examples/keyvault/compiled/develop/scripts/create_key.sh b/examples/keyvault/compiled/develop/create_key.sh similarity index 100% rename from examples/keyvault/compiled/develop/scripts/create_key.sh rename to examples/keyvault/compiled/develop/create_key.sh diff --git a/examples/keyvault/compiled/develop/destroy.sh b/examples/keyvault/compiled/develop/destroy.sh new file mode 100755 index 0000000..e3ad68f --- /dev/null +++ b/examples/keyvault/compiled/develop/destroy.sh @@ -0,0 +1,13 @@ +az keyvault delete \ + --subscription d62fd2d4-358f-4ddc-9373-7ac8a307f75b \ + --resource-group skipper-keyvault-example \ + --name skipperkeyvaultexample \ + +az keyvault purge \ + --subscription d62fd2d4-358f-4ddc-9373-7ac8a307f75b \ + --name skipperkeyvaultexample \ + +az group delete \ + --name skipper-keyvault-example \ + --subscription d62fd2d4-358f-4ddc-9373-7ac8a307f75b \ + --yes diff --git a/examples/keyvault/compiled/develop/envrc b/examples/keyvault/compiled/develop/envrc new file mode 100644 index 0000000..51525d3 --- /dev/null +++ b/examples/keyvault/compiled/develop/envrc @@ -0,0 +1 @@ +export ARM_SUBSCRIPTION_ID=d62fd2d4-358f-4ddc-9373-7ac8a307f75b diff --git a/examples/keyvault/compiled/develop/scripts/destroy.sh b/examples/keyvault/compiled/develop/scripts/destroy.sh deleted file mode 100755 index f18d8ae..0000000 --- a/examples/keyvault/compiled/develop/scripts/destroy.sh +++ /dev/null 
@@ -1,13 +0,0 @@ -az keyvault delete \ - --subscription 59efa773-ee54-47d6-a95a-eac3fca3bc24 \ - --resource-group skipper-example \ - --name skipperkeyvaultexample \ - -az keyvault purge \ - --subscription 59efa773-ee54-47d6-a95a-eac3fca3bc24 \ - --name skipperkeyvaultexample \ - -az group delete \ - --name skipper-example \ - --subscription 59efa773-ee54-47d6-a95a-eac3fca3bc24 \ - --yes diff --git a/examples/keyvault/go.mod b/examples/keyvault/go.mod index 1cc8817..d1030a5 100644 --- a/examples/keyvault/go.mod +++ b/examples/keyvault/go.mod @@ -26,6 +26,7 @@ require ( github.com/imdario/mergo v0.3.11 // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.0 // indirect github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect github.com/shopspring/decimal v1.2.0 // indirect diff --git a/examples/keyvault/go.sum b/examples/keyvault/go.sum index 0befb5d..3214473 100644 --- a/examples/keyvault/go.sum +++ b/examples/keyvault/go.sum @@ -158,6 +158,8 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8= 
diff --git a/examples/keyvault/inventory/classes/keyvault.yaml b/examples/keyvault/inventory/classes/keyvault.yaml index 6ba1ab8..c102b35 100644 --- a/examples/keyvault/inventory/classes/keyvault.yaml +++ b/examples/keyvault/inventory/classes/keyvault.yaml @@ -1,4 +1,4 @@ keyvault: name: "skipperkeyvaultexample" location: "westeurope" - resource_group: "skipper-example" + resource_group: "skipper-keyvault-example" diff --git a/examples/keyvault/main.go b/examples/keyvault/main.go index 25f81b1..7d21a85 100644 --- a/examples/keyvault/main.go +++ b/examples/keyvault/main.go @@ -1,6 +1,8 @@ package main import ( + "flag" + "log" "path" "github.com/lukasjarosch/skipper" 
@@ -8,42 +10,54 @@ import ( ) var ( - fileSystem = afero.NewOsFs() - inventoryPath = "inventory" - classPath = path.Join(inventoryPath, "classes") - targetPath = path.Join(inventoryPath, "targets") - templatePath = "templates" - secretPath = path.Join(inventoryPath, "secrets") - outputPath = "compiled" + fileSystem = afero.NewOsFs() - target = "develop" + inventoryPath string + templatePath string + outputPath string + + targetPath string + classPath string + secretPath string + target string ) +func init() { + flag.StringVar(&inventoryPath, "data", "inventory", "path to the inventory folder") + flag.StringVar(&templatePath, "templates", "templates", "path to the templates folder") + flag.StringVar(&outputPath, "output", "compiled", "template output path") + flag.StringVar(&target, "target", "dev", "name of the target to use") + flag.Parse() + + targetPath = path.Join(inventoryPath, "targets") + classPath = path.Join(inventoryPath, "classes") + secretPath = path.Join(inventoryPath, "secrets") + + log.Printf("inventory path set to '%s'", inventoryPath) + log.Printf("template path set to '%s'", templatePath) + log.Printf("compiled path set to '%s'", outputPath) + log.Printf("desired target is '%s'", target) +} + func main() { inventory, err := skipper.NewInventory(fileSystem, classPath, targetPath, secretPath) if err != nil { panic(err) } - // Load the inventory - err = inventory.Load() - if err != nil { - panic(err) - } - predefinedVariables := map[string]interface{}{ "target_name": target, "output_path": outputPath, } // Process the inventory, given the target name - data, err := inventory.Data("develop", predefinedVariables, true) + data, err := inventory.Data("develop", predefinedVariables, false, true) if err != nil { panic(err) } templateOutputPath := path.Join(outputPath, target) - templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, nil) + templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, nil, 
nil) if err != nil { panic(err) } @@ -58,22 +72,22 @@ func main() { // execute templates ---------------------------------------------------------------------------------- - { - components, err := inventory.GetComponents(target) - if err != nil { - panic(err) - } - - err = templater.ExecuteComponents(templateData, components, false) + // { + // components, err := inventory.GetComponents(target) + // if err != nil { + // panic(err) + // } + // + // err = templater.ExecuteComponents(templateData, components, false) + // if err != nil { + // panic(err) + // } + // } + for _, template := range templater.Files { + err := templater.Execute(template, templateData, false, nil) if err != nil { panic(err) } + log.Printf("executed template '%s' into: %s'", template.Path, path.Join(templateOutputPath, template.Path)) } - //for _, template := range templater.Files { - // err := templater.Execute(template, templateData, false) - // if err != nil { - // panic(err) - // } - // log.Printf("executed template '%s' into: %s'", template.Path, path.Join(templateOutputPath, template.Path)) - //} } diff --git a/examples/keyvault/templates/README.md b/examples/keyvault/templates/README.md index b8da4a6..3024143 100644 --- a/examples/keyvault/templates/README.md +++ b/examples/keyvault/templates/README.md @@ -2,8 +2,9 @@ > This example is meant to quickly provision an Azure KeyVault used for testing the KeyVault secret driver It will create an `apply.sh` and a `destroy.sh` script which create/destroy a resource group and a key vault. +Additionally, a `create_key.sh` is created to quickly create new keys within the keyvault. -- **Subscription:** `{{ .Inventory.target.azure.common.subscription_id }}` +- **Subscription:** `{{ .Inventory.azure.common.subscription_id }}` - **Resource Group:** `{{ .Inventory.keyvault.resource_group }}` - **KeyVault:** `{{ .Inventory.keyvault.name }}` - **Location:** `{{ .Inventory.keyvault.location }}` 
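Review bot: The `inventory.Data("develop", …)` call in `main` still hard-codes the target while the output directory is now built from the `-target` flag, whose default is `dev`; run without flags, the example renders the `develop` inventory into `compiled/dev`. Pass the flag through, `data, err := inventory.Data(target, predefinedVariables, false, true)`, and default the flag to `develop`, which is what the new Makefile target passes. Calling `flag.Parse()` inside `init()` also parses the command line before `main` runs, for anything that links the package (`go test` included); moving the four `flag.StringVar` calls and the three `path.Join` assignments to the top of `main` avoids that. The same `init()` pattern and `dev` default are added in examples/terraform_azure/main.go. `main` continues past the end of this hunk.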
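Review bot: The component-execution block at the end of `main` is commented out rather than deleted, which leaves dead code in an example that people copy from; remove it and rely on history. The new log line also has an unbalanced quote, `into: %s'`; `log.Printf("executed template '%s' into '%s'", template.Path, path.Join(templateOutputPath, template.Path))` quotes both paths the same way. The hunk starts inside `main`, so the construction of `templateData` is not visible here.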
diff --git a/examples/keyvault/templates/apply.sh b/examples/keyvault/templates/apply.sh index f6f1867..37b6c6e 100755 --- a/examples/keyvault/templates/apply.sh +++ b/examples/keyvault/templates/apply.sh @@ -1,11 +1,11 @@ az group create \ --location {{ .Inventory.keyvault.location }} \ --name {{ .Inventory.keyvault.resource_group }} \ - --subscription {{ .Inventory.target.azure.common.subscription_id }} + --subscription {{ .Inventory.azure.common.subscription_id }} az keyvault create \ --location {{ .Inventory.keyvault.location }} \ - --subscription {{ .Inventory.target.azure.common.subscription_id }} \ + --subscription {{ .Inventory.azure.common.subscription_id }} \ --resource-group {{ .Inventory.keyvault.resource_group }} \ --name {{ .Inventory.keyvault.name }} diff --git a/examples/keyvault/templates/destroy.sh b/examples/keyvault/templates/destroy.sh index 759ceb7..786e3bb 100755 --- a/examples/keyvault/templates/destroy.sh +++ b/examples/keyvault/templates/destroy.sh @@ -1,13 +1,13 @@ az keyvault delete \ - --subscription {{ .Inventory.target.azure.common.subscription_id }} \ + --subscription {{ .Inventory.azure.common.subscription_id }} \ --resource-group {{ .Inventory.keyvault.resource_group }} \ --name {{ .Inventory.keyvault.name }} \ az keyvault purge \ - --subscription {{ .Inventory.target.azure.common.subscription_id }} \ + --subscription {{ .Inventory.azure.common.subscription_id }} \ --name {{ .Inventory.keyvault.name }} \ az group delete \ --name {{ .Inventory.keyvault.resource_group }} \ - --subscription {{ .Inventory.target.azure.common.subscription_id }} \ + --subscription {{ .Inventory.azure.common.subscription_id }} \ --yes diff --git a/examples/keyvault/templates/envrc b/examples/keyvault/templates/envrc index 65732de..2a8ebac 100644 --- a/examples/keyvault/templates/envrc +++ b/examples/keyvault/templates/envrc 
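Review bot: The inventory values are interpolated into the `az` command lines unquoted, here `--subscription {{ .Inventory.azure.common.subscription_id }}`, so a value containing whitespace or shell metacharacters changes the command that the rendered script runs. Quote each expansion, e.g. `--subscription "{{ .Inventory.azure.common.subscription_id }}"`, and validate the values (UUID for the subscription, the Azure naming rules for group and vault) before rendering, since quoting alone does not neutralise every character. The same applies to the changed lines in templates/destroy.sh and templates/envrc. destroy.sh additionally runs `az keyvault purge` and `az group delete --yes` without `set -e`, so a failed earlier step does not stop the irreversible ones that follow.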
@@ -1 +1 @@ -export ARM_SUBSCRIPTION_ID={{ .Inventory.target.azure.common.subscription_id }} +export ARM_SUBSCRIPTION_ID={{ .Inventory.azure.common.subscription_id }} diff --git a/examples/terraform/compiled/dev/terraform/01_resource_group.tf b/examples/terraform/compiled/dev/terraform/01_resource_group.tf index cc65807..7cde3b0 100644 --- a/examples/terraform/compiled/dev/terraform/01_resource_group.tf +++ b/examples/terraform/compiled/dev/terraform/01_resource_group.tf @@ -1,5 +1,5 @@ // This code is part of the project 'terraform-example' -// Copyright 2022, AcmeCorp International +// Copyright 2023, AcmeCorp International // // This code is generated; DO NOT EDIT. diff --git a/examples/terraform/compiled/dev/terraform/02_network.tf b/examples/terraform/compiled/dev/terraform/02_network.tf index f1deb2a..5907bb4 100644 --- a/examples/terraform/compiled/dev/terraform/02_network.tf +++ b/examples/terraform/compiled/dev/terraform/02_network.tf @@ -1,5 +1,5 @@ // This code is part of the project 'terraform-example' -// Copyright 2022, AcmeCorp International +// Copyright 2023, AcmeCorp International // // This code is generated; DO NOT EDIT. diff --git a/examples/terraform/compiled/dev/terraform/03_aks.tf b/examples/terraform/compiled/dev/terraform/03_aks.tf index 9707234..7a0277f 100644 --- a/examples/terraform/compiled/dev/terraform/03_aks.tf +++ b/examples/terraform/compiled/dev/terraform/03_aks.tf @@ -1,5 +1,5 @@ // This code is part of the project 'terraform-example' -// Copyright 2022, AcmeCorp International +// Copyright 2023, AcmeCorp International // // This code is generated; DO NOT EDIT. diff --git a/examples/terraform/main.go b/examples/terraform/main.go index d17463c..fdcbbb3 100644 --- a/examples/terraform/main.go +++ b/examples/terraform/main.go 
@@ -58,7 +58,7 @@ func main() { } templateOutputPath := path.Join(outputPath, target) - templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, myTemplateFuncs) + templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, myTemplateFuncs, []string{}) if err != nil { panic(err) } @@ -74,7 +74,7 @@ func main() { "year": time.Now().Year(), } - data, err := inventory.Data(target, predefinedVariables, false) + data, err := inventory.Data(target, predefinedVariables, false, false) if err != nil { panic(err) } diff --git a/examples/terraform_azure/compiled/develop/markdown/README.md b/examples/terraform_azure/compiled/develop/markdown/README.md index c1b72a7..3719f96 100644 --- a/examples/terraform_azure/compiled/develop/markdown/README.md +++ b/examples/terraform_azure/compiled/develop/markdown/README.md @@ -20,7 +20,7 @@ "common": { "absolute_variable": "59efa773-ee54-47d6-a95a-eac3fca3bc24", "local_variable": "59efa773-ee54-47d6-a95a-eac3fca3bc24", - "secret": "?{azurekv:targets/develop/some_secret||randomstring:64}", + "secret": "1_up5tshpIxHC2b0yh-nMbyIyVOa90Vhi2wGuQ1FdUte_Mo2c7mLTu6dvoNW1U1z", "subscription_id": "59efa773-ee54-47d6-a95a-eac3fca3bc24" }, "foo": "bar", @@ -146,11 +146,8 @@ "secrets": { "drivers": { "azurekv": { - "vault_name": "kv-dev-edge" + "key_id": "https://skipperkeyvaultexample.vault.azure.net/keys/test1/4535327f31154de3b8de7d09115890a6" } - }, - "keys": { - "azurekv": "test" } }, "use": [ diff --git a/examples/terraform_azure/inventory/secrets/targets/develop/some_secret b/examples/terraform_azure/inventory/secrets/targets/develop/some_secret index 3bbb39b..95d3ee7 100644 --- a/examples/terraform_azure/inventory/secrets/targets/develop/some_secret +++ b/examples/terraform_azure/inventory/secrets/targets/develop/some_secret 
@@ -1,2 +1,2 @@ -data: 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 +data: qnaAMrwvK3JF6I/XAIHWAn5UyZN6gNKCOblgq7gCkuZU4tqcEPAGWz8yQcBIPVinD/OBeH+WQjgJ06BI2rFDElJeNxGkLIQduITI9Qyz2FUcysC3Uus+Aw2dWRHSfNJ5Zy+ZOKhImb0VBgpRcBsru2/6dWl1FS/McnscnXngRtYVeYWpJe908DCRmJZ8xHmYUTw4Ehz1u0rzgIxoggYq/EnLBjcXQaz///IQLs8QGpODArgNoB140lx+1v/HOwtJYBuPAjUJ9FBMfaa9P+f7AOOkAhnnNvTVR8CBSDqEDajDhevIwovk40PJf3Yc13svP/ZAGmHuXn/73/u5kBda8/wogSzVj5C+uqRjyuIuDIq4R4gE+TZU9zjFX9P7Hyx5AEXol63AGHj8VjUeD724W70VB6t4FzbSKGSOCAviUBK4cmI30NAftz3YXY/sePkH4vtOPci4ZkNVvheoHrFO4KUwjCDJI/XK/mz5d6gzcY1IT4NBPFthgW2jGXgS/Rb14v8GlhMJZXN+GowyRo5Tp/VeNSFyXmzgN8Z4NLdw0i5RVVIGS783PDdJHEdPgN5Lc3s1GVHX9tpJgM1v5hZXb7kw8HiP97Tfnz7Rbs3JZiKwO+rJqJwbm7Z1EbhCi4cIFcNJOuV99M0//trx6r0Z0ckZkvqqcdR7KJ+GElUB8Lg type: azurekv diff --git a/examples/terraform_azure/inventory/targets/develop.yaml b/examples/terraform_azure/inventory/targets/develop.yaml index 9f2986e..2875f9e 100644 --- a/examples/terraform_azure/inventory/targets/develop.yaml +++ b/examples/terraform_azure/inventory/targets/develop.yaml @@ -21,10 +21,7 @@ target: secrets: drivers: azurekv: - vault_name: "%{env:AZURE_KEY_VAULT_NAME}" - keys: - azurekv: "test" - + key_id: https://skipperkeyvaultexample.vault.azure.net/keys/test1/4535327f31154de3b8de7d09115890a6 azure: common: subscription_id: "59efa773-ee54-47d6-a95a-eac3fca3bc24" # random uuid diff --git a/examples/terraform_azure/main.go b/examples/terraform_azure/main.go index b6ada57..d8f18d8 100644 --- a/examples/terraform_azure/main.go +++ b/examples/terraform_azure/main.go @@ -1,6 +1,7 @@ package main import ( + "flag" "fmt" "log" "path" 
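Review bot: The `key_id` added under `secrets.drivers.azurekv` commits a full Key Vault key identifier, including the key version, where the removed `vault_name` was read from the environment with `%{env:AZURE_KEY_VAULT_NAME}`. Anyone running the example against their own vault now has to edit the inventory, and the ciphertext committed in `secrets/targets/develop/some_secret` is presumably only decryptable with that one key version, so rotating the key breaks the example. Keeping the environment lookup, e.g. `key_id: "%{env:AZURE_KEY_VAULT_KEY_ID}"` (variable name illustrative), would keep tenant-specific identifiers out of the repository.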
@@ -11,18 +12,37 @@ import ( ) var ( - fileSystem = afero.NewOsFs() - inventoryPath = "inventory" - classPath = path.Join(inventoryPath, "classes") - targetPath = path.Join(inventoryPath, "targets") - templatePath = "templates" - secretPath = path.Join(inventoryPath, "secrets") - outputPath = "compiled" - - target = "develop" + fileSystem = afero.NewOsFs() + + inventoryPath string + templatePath string + outputPath string + + targetPath string + classPath string + secretPath string + target string ) +func init() { + flag.StringVar(&inventoryPath, "data", "inventory", "path to the inventory folder") + flag.StringVar(&templatePath, "templates", "templates", "path to the templates folder") + flag.StringVar(&outputPath, "output", "compiled", "template output path") + flag.StringVar(&target, "target", "dev", "name of the target to use") + flag.Parse() + + targetPath = path.Join(inventoryPath, "targets") + classPath = path.Join(inventoryPath, "classes") + secretPath = path.Join(inventoryPath, "secrets") + + log.Printf("inventory path set to '%s'", inventoryPath) + log.Printf("template path set to '%s'", templatePath) + log.Printf("compiled path set to '%s'", outputPath) + log.Printf("desired target is '%s'", target) +} + func main() { + log.Println(classPath) inventory, err := skipper.NewInventory(fileSystem, classPath, targetPath, secretPath) if err != nil { panic(err) @@ -34,7 +54,7 @@ func main() { } // Process the inventory, given the target name - data, err := inventory.Data("develop", predefinedVariables, true, false) + data, err := inventory.Data(target, predefinedVariables, false, true) if err != nil { panic(err) } @@ -63,7 +83,7 @@ func main() { } templateOutputPath := path.Join(outputPath, target) - templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, nil) + templater, err := skipper.NewTemplater(fileSystem, templatePath, templateOutputPath, nil, nil) if err != nil { panic(err) } 
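Review bot: The last two arguments of `inventory.Data(target, predefinedVariables, false, true)` flip from `true, false`, and in the same commit the compiled markdown/README.md goes from the `?{azurekv:…}` placeholder to a literal string for `secret`, so this call appears to decrypt secrets and write them into the `compiled/` tree that is checked in. If the fourth argument is the reveal switch, keep it off for output that is committed, or exclude this example's `compiled/` directory from version control, and rotate the committed value if it is used anywhere. A comment on the call naming the two booleans, e.g. `// skipSecretHandling=false, reveal=true (names to be confirmed against inventory.go)`, would make the intent reviewable. The `log.Println(classPath)` added at the top of `main` in the previous hunk looks like leftover debug output.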
From a11be008e7f8dc18348fe3d58a5249db57831567 Mon Sep 17 00:00:00 2001 From: Lukas Jarosch Date: Sat, 30 Sep 2023 11:48:42 +0200 Subject: [PATCH 2/2] refactor: remove internal package; move secrets to own package --- inventory.go | 5 +++-- secret.go | 15 ++++++++------- driver.go => secret/driver.go | 14 +++++++------- {internal/secret => secret/driver}/aes.go | 2 +- {internal/secret => secret/driver}/azure.go | 2 +- {internal/secret => secret/driver}/base64.go | 2 +- {internal/secret => secret/driver}/plain.go | 2 +- 7 files changed, 22 insertions(+), 20 deletions(-) rename driver.go => secret/driver.go (73%) rename {internal/secret => secret/driver}/aes.go (99%) rename {internal/secret => secret/driver}/azure.go (99%) rename {internal/secret => secret/driver}/base64.go (97%) rename {internal/secret => secret/driver}/plain.go (97%) diff --git a/inventory.go b/inventory.go index 4f83e15..800c7ff 100644 --- a/inventory.go +++ b/inventory.go @@ -5,6 +5,7 @@ import ( "path/filepath" "strings" + "github.com/lukasjarosch/skipper/secret" "github.com/spf13/afero" ) @@ -249,12 +250,12 @@ func (inv *Inventory) Data(targetName string, predefinedVariables map[string]int if !skipSecretHandling { // fetch and configure secret drivers configured by the target for driverName, driverConfig := range target.Configuration.Secrets.Drivers { - driver, err := SecretDriverFactory(driverName) + driver, err := secret.SecretDriverFactory(driverName) if err != nil { return nil, fmt.Errorf("target contains invalid secret driver configuration: %w", err) } - if drv, ok := driver.(ConfigurableSecretDriver); ok { + if drv, ok := driver.(secret.ConfigurableDriver); ok { if config, ok := driverConfig.(map[string]interface{}); ok { err = drv.Configure(config) if err != nil { diff --git a/secret.go b/secret.go index 8a12870..fac5ca8 100644 --- a/secret.go +++ b/secret.go @@ -6,6 +6,7 @@ import ( "regexp" "strings" + "github.com/lukasjarosch/skipper/secret" "github.com/spf13/afero" ) 
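Review bot: `drv.Configure(config)` in the driver loop of `Data` is applied to whatever `secret.SecretDriverFactory` returns, and secret/driver.go keeps a package-level `driverCache` and returns cached drivers, so the per-target configuration seems to mutate an instance shared by every later caller in the process. If `Data` is ever called for more than one target, one target could encrypt or decrypt with another target's key settings; configuring a fresh driver per target, or keying the cache on driver name plus configuration, would avoid that. The loop body continues beyond the hunk, so what happens when `driverConfig` is not a `map[string]interface{}` is not visible here and should be an explicit error rather than a silent skip.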
@@ -15,7 +16,7 @@ var secretRegex = regexp.MustCompile(`\?\{(\w+)\:([\w\/\-\.\_]+)(\|\|([\w\-\_\.\ type Secret struct { *SecretFile - Driver SecretDriver + Driver secret.Driver DriverName string AlternativeCall *Call Identifier []interface{} @@ -69,18 +70,18 @@ func FindOrCreateSecrets(data Data, secretFiles SecretFileList, secretPath strin return nil, fmt.Errorf("unexpected error during secret detection, file a bug report") } - for _, secret := range vars { + for _, sec := range vars { // ensure that the driver is loaded and assigned to every secret - driver, err := SecretDriverFactory(secret.DriverName) + driver, err := secret.SecretDriverFactory(sec.DriverName) if err != nil { - return nil, fmt.Errorf("cannot get secret driver '%s': %w", secret.DriverName, err) + return nil, fmt.Errorf("cannot get secret driver '%s': %w", sec.DriverName, err) } - secret.Driver = driver + sec.Driver = driver // secrets which do not have a file associated are candidates for automatic creation - if secret.SecretFile.YamlFile == nil { - err = secret.attemptCreate(fs, secretPath) + if sec.SecretFile.YamlFile == nil { + err = sec.attemptCreate(fs, secretPath) if err != nil { return nil, fmt.Errorf("failed to auto-create secret: %w", err) } diff --git a/driver.go b/secret/driver.go similarity index 73% rename from driver.go rename to secret/driver.go index 99b7b5a..55c2287 100644 --- a/driver.go +++ b/secret/driver.go 
@@ -1,26 +1,26 @@ -package skipper +package secret import ( "fmt" "strings" - driver "github.com/lukasjarosch/skipper/internal/secret" + "github.com/lukasjarosch/skipper/secret/driver" ) -type SecretDriver interface { +type Driver interface { Type() string Encrypt(data string) (string, error) Decrypt(encrypted string) (string, error) } -type ConfigurableSecretDriver interface { - SecretDriver +type ConfigurableDriver interface { + Driver Configure(config map[string]interface{}) error } -var driverCache = map[string]SecretDriver{} +var driverCache = map[string]Driver{} -func SecretDriverFactory(name string) (secretDriver SecretDriver, err error) { +func SecretDriverFactory(name string) (secretDriver Driver, err error) { name = strings.ToLower(name) // return a cached version of the driver if there is one diff --git a/internal/secret/aes.go b/secret/driver/aes.go similarity index 99% rename from internal/secret/aes.go rename to secret/driver/aes.go index 905e0b5..92b0346 100644 --- a/internal/secret/aes.go +++ b/secret/driver/aes.go @@ -1,4 +1,4 @@ -package secret +package driver import ( "crypto/aes" diff --git a/internal/secret/azure.go b/secret/driver/azure.go similarity index 99% rename from internal/secret/azure.go rename to secret/driver/azure.go index 792d587..7a78fb9 100644 --- a/internal/secret/azure.go +++ b/secret/driver/azure.go @@ -1,4 +1,4 @@ -package secret +package driver import ( "context" diff --git a/internal/secret/base64.go b/secret/driver/base64.go similarity index 97% rename from internal/secret/base64.go rename to secret/driver/base64.go index f000356..25acf52 100644 --- a/internal/secret/base64.go +++ b/secret/driver/base64.go @@ -1,4 +1,4 @@ -package secret +package driver import ( "encoding/base64" diff --git a/internal/secret/plain.go b/secret/driver/plain.go similarity index 97% rename from internal/secret/plain.go rename to secret/driver/plain.go index 96ded6d..d18119a 100644 --- a/internal/secret/plain.go +++ b/secret/driver/plain.go 
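Review bot: The exported `Driver` and `ConfigurableDriver` interfaces and `SecretDriverFactory` have no doc comments, and moving the drivers out of `internal/` turns `secret` and `secret/driver` into importable API, so their contract should be written down. Suggested: `// Driver is implemented by every secret backend; it encrypts and decrypts secret values.` and `// ConfigurableDriver is a Driver that accepts target-level configuration through Configure.` The factory name now stutters as `secret.SecretDriverFactory`; `secret.NewDriver` reads better, with the old name kept as a deprecated wrapper if other callers exist. `driverCache` is a plain map, which is only safe as long as the factory is never called from more than one goroutine. The factory body continues outside the hunk.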
@@ -1,4 +1,4 @@
-package secret
+package driver
 
 // Plain is the most basic secret driver.
 // It does not expect any encryption and will just return any data which exists in the secret files.